<?php
include('includes/dbconnection.php');

if($_POST['process'] == "add") {
	
	if($_FILES["upload"]["name"]!=""){
	$file=gmdate('YmdHis').$_FILES["upload"]["name"] ;
     move_uploaded_file($_FILES["upload"]["tmp_name"],"../uploads/books/".$file);
	}
 $sql= "insert into books(`category`, `book_name`, `book_desc`, `author`, `ISBN`, `publisher`,`price`,`cover_image`,`edition`, `published_in`, `active_status`, `created_datetime`) values('','".$_POST['book_title']."','".mysql_escape_string($_POST['book_desc'])."','".mysql_escape_string($_POST['book_author'])."','".$_POST['isbn']."',
																																																																																   '".mysql_escape_string($_POST['publisher'])."',																																																																																	   '".$_POST['price']."',																																																																														   '".$file."','".$_POST['edition']."','".$_POST['published_in']."','".$_POST['status']."','".gmdate('Y-m-d H:i:s')."')";
	
	mysql_query($sql) or die(mysql_error());
}
else {
	$q = mysql_fetch_array(mysql_query("select cover_image  from  books where id='".$_POST['id']."'"));
	if($_FILES["upload"]["name"]=="")
	{
	$file=$q['cover_image'];	
	}
	if($_FILES["upload"]["name"]!="")
	{
	$path ="../uploads/books/".$q["cover_image"];
	@unlink($path);
	$file=gmdate('YmdHis').$_FILES["upload"]["name"] ;
	move_uploaded_file($_FILES["upload"]["tmp_name"],"../uploads/books/".$file);
	
	}
	
	$sql= "update books set `book_name`='".$_POST['book_title']."', `book_desc`='".mysql_escape_string($_POST['book_desc'])."', `author`='".mysql_escape_string($_POST['book_author'])."', `ISBN`='".$_POST['isbn']."', `publisher`='".mysql_escape_string($_POST['publisher'])."', `edition`='".$_POST['edition']."', `published_in`='".$_POST['published_in']."',`cover_image`='".$file."',`price`='".$_POST['price']."',`active_status`='".$_POST['status']."', `modified_datetime`='".gmdate('Y-m-d H:i:s')."' where id='".$_POST['id']."'";
	mysql_query($sql) or die(mysql_error());
}
?>
<script type="text/javascript">
location.href="index.php?tc=books";
</script>


